Set PIN Policies for UM-Enabled Users

 

Applies to: Exchange Server 2010 SP3, Exchange Server 2010 SP2

You can set PIN policies on a Unified Messaging (UM) mailbox policy. UM mailbox policies can be configured to increase the level of security for UM-enabled users by requiring users to comply with the predefined PIN policies for your organization.

To set PIN policies for UM users, you can either create a new UM mailbox policy or modify an existing UM mailbox policy. After a new UM mailbox policy is created, you can then configure the UM mailbox policy by configuring the following PIN settings:

  • MinPasswordLength

  • PINLifetime

  • LogonFailuresBeforePINReset

  • MaxLogonAttempts

  • AllowCommonPatterns

  • PINHistoryCount

It's a security best practice to implement strong PIN requirements for UM users. This can be enforced by creating UM PIN policies that require 6 or more digits for PINs and increase the level of security for your network.

When you change the PIN policy, the new PIN setting is applied to users who are currently associated with the UM mailbox policy. For example, if you modify the UM mailbox policy and change the minimum PIN length from 7 to 10 digits, the next time users log on they'll be forced to change their PIN to comply with the changed PIN requirement.

Looking for other management tasks related to UM mailbox policies? Check out Managing UM Mailbox Policies.

Prerequisites

Use the EMC to set PIN policies for UM users

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "UM mailbox policies" entry in the Unified Messaging Permissions topic

  1. In the console tree, navigate to Organization Configuration > Unified Messaging.

  2. In the work pane, click the UM Mailbox Policies tab.

  3. Click the UM mailbox policy that you want to change. This is the UM mailbox policy that's associated to the UM-enabled user.

  4. In the action pane, click Properties.

  5. In the UM mailbox policy Properties window, click the PIN Policies tab.

  6. On the PIN Policies tab, configure the PIN settings for the UM mailbox policy, and then click OK to accept your changes.

Use the Shell to set PIN policies for UM users

You need to be assigned permissions before you can perform this procedure. To see what permissions you need, see the "UM mailbox policies" entry in the Unified Messaging Permissions topic

This example sets the PIN settings for users associated with the UM mailbox policy MyUMMailboxPolicy.

Set-UMMailboxPolicy -Identity MyUMMailboxPolicy -LogonFailuresBeforePINReset 8 -MaxLogonAttempts 12 -MinPINLength 8 -PINHistoryCount 10 -PINLifetime 60 -ResetPINText "The PIN used to allow you access to your mailbox using Outlook Voice Access has been reset."

For information about syntax and parameters, see Set-UMMailboxPolicy.

Other Tasks

After you set PIN policies for UM users, you may also want to:

 © 2010 Microsoft Corporation. All rights reserved.